149 Cybersecurity Consultant jobs in Hong Kong

Created by the integration of long-standing organizations dating back to 1911, AtkinsRéalis is a world- class engineering services and nuclear company dedicated to engineering a better future for our planet and its people. We create sustainable solutions that connect people, data and technology to transform the world's infrastructure and energy systems. We deploy global capabilities locally to our clients and deliver unique end-to-end services across the whole life cycle of an asset including consulting, advisory & environmental services, intelligent networks & cybersecurity, design & engineering, procurement, project & construction management, operations & maintenance, decommissioning and capital. The breadth and depth of our capabilities are delivered to clients in strategic sectors such as Engineering Services, Nuclear and Capital.  News and information are available at or follow us on LinkedIn.

Learn more about our career opportunities at:

Responsibilities:

• Provide Cyber Security advice and guidance for clients in 'business as usual', technical refresh and new project environments.
• Be able to apply technical knowledge, with creative and innovative thinking in a broad range of complex and non-routine contexts.
• Identify and establish good security governance to meet client business requirements.
• Perform Cyber Security risk assessments and determine the most cost-effective deployment of security controls and solutions in line with the business risk appetite to protect information assets from loss, misuse, leakage or corruption.
• Create client Cyber Awareness policies and procedures to meet corporate and regulatory requirements and standards.
• Build successful working relationships with team members, key customers and stakeholders that improves the value of the security services being performed.

Requirements:

• Diploma or degree in related field and at least 5 years of related experience in security role or equivalent combination of experience in cybersecurity, risk disciplines, and/or cybersecurity risk management programs.
• Possess security certificate(s) such as CISSP, GICSP, CISM, OSCP or equivalent.
• Experience of delivering technical Cyber Security consultancy in multi-disciplined environments.
• Experience of developing Information Security Management Systems (ISMS), including risk assessments/management and the deployment of appropriate controls.
• Understanding of Cyber Security roles and responsibilities.
• Knowledge of cyber security frameworks (e.g., NIST, ISA/IEC 62443, and ISO
• Excellent spoken and written English, Cantonese and/or Putonghua.
• Understanding of other technology systems (e.g. SCADA / Telecommunications / Network Technology) preferred but not mandatory.

Why choose AtkinsRéalis?

• Comprehensive Medical & life insurance coverage
• Remote work opportunities outside of country
• Flexible/hybrid work solutions
• Performance driven discretionary bonus program
• Transportation & housing allowances: Available for remote work locations.
• Employee Wellbeing Program: 24/7 access to specialists in finance, legal matters, family care, as well as personal health, fitness, and nutrition consulting.

Your difference makes a difference. We care for our people and are committed to creating an inclusive working environment where you can thrive and build a future you want to be a part of.

AtkinsRéalis is committed to eliminating discrimination and encouraging diversity amongst our workforces. We aim to provide quality and fairness for all job applicants and employees and not to discriminate on grounds of gender, marital status, age, race, ethnic origin, religious conviction, or disablement. We oppose all forms of unlawful treatment and discrimination.

Our aim is for the company to be representative of all sections of society and that each employee feels respected and able to give their best. We are committed to a policy of treating all our employees and job applications equally.

We pursue this commitment by:

Having clear and concise procedures and guidelines for both line managers and employees to ensure policies are fully understood and implemented.

Complying with the relevant employment legislation and codes of practice.

Ensuring that all existing employees, potential employees, colleagues, and customers are treated equally and with respect.

• Provide technical support to customers for different security solutions.
• Prepare project documents and training for customers.
• Evaluate new solutions to fulfill customer requirements.
• To perform other related duties as required.

Job Types: Full-time, Permanent

Pay: $28, $40,000.00 per month

Benefits:

• Medical Insurance
• Professional development

Education:

• Associate Degree / Higher Diploma (Preferred)

Experience:

• Information security: 1 year (Preferred)

License/Certification:

• CISA, CISSP or equivalent Certification (Preferred)

Work Location: In person

ServiceOne Limited is one of the largest Information Technology (IT) consulting and managed services provider in the region. The company was founded in 1999 and is headquartered in Hong Kong with strong foothold in China and business coverage in Asia Pacific region. Our clients are government departments, non-government organizations, education institutes, multinational corporations, small and medium companies across various industries. Our services provide Consulting and Application Management Services, Digitalization of Workflow Management, Outsource Managed Services, Hardware & Software Maintenance, Project Management, Product Life Cycle Management, Secondment Services & etc.

We are a member of Expert Systems Holdings Limited (HKEX Stock Code

To Stay true to ServiceOne's ongoing mission that is to deliver the highest quality services to all her customers, we invite high-caliber candidate of you to join our company.

For more information, please visit our website at 

Summary

We are seeking a skilled and experienced Cybersecurity Consultant to join our team. The ideal candidate will be responsible for providing expert advice and solutions in cybersecurity and ensuring compliance with industry standards and regulations. This role requires a understanding of cybersecurity best practices, regulatory frameworks, and the ability to communicate effectively with technical and non-technical stakeholders.

Responsibilities:

Cyber Security and Risk Assessment

• Conduct threat modeling and vulnerability assessments to identify potential weaknesses.
• Prepare risk mitigation plans and assist in their implementation.
• Perform penetration tests to identify vulnerabilities in systems, networks, and applications.
• Document findings and provide actionable recommendations to address identified vulnerabilities.
• Conduct internal and external IT audits to evaluate the effectiveness of information security controls.
• Assess compliance with organizational policies, regulatory requirements, and industry standards.
• Stay updated on changes to cybersecurity regulations and standards and advise clients accordingly.

Requirement:

• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
• Professional certifications such as CISSP, CISM, CEH, or CISA.
• 5 years or more of experience in cybersecurity consulting, risk assessment, penetration testing, IT audits, and compliance.
• Proficiency in using penetration testing tools (e.g., Metasploit, Burp Suite, Nessus).
• Excellent problem-solving, analytical, and critical-thinking skills.
• Strong communication skills, with the ability to explain technical concepts to non-technical audiences.
• Experience with cloud security (AWS, Azure, or GCP) is a plus.

Remuneration Package:

• 5-day work + Public Holiday
• 5 mins to MTR station
• days annual leave + birthday leave
• Medical coverage
• Education allowance
• Discretionary bonus

We offer excellent career opportunities, attractive remuneration package and fringe benefits including banking holiday, various types of leave, discretionary bonus & medical insurance. If you have the desire to join us, please send us your resume immediately with your present & expected salary by clicking "Apply Now".

(The information provided will be used for employment related purpose only. All information of unsuccessful applicants will be destroyed within six months)

Our Hong Kong office is expanding, driven by market demand for consulting advice/support. This continued growth has created opportunities for Consultants. This is an outstanding opportunity for talented people to have a fast-growing career and help in shaping the future of our Hong Kong office.

• Drive projects covering a broad range of cybersecurity and digital risk topics, with opportunities to influence technology advisory areas.
• Autonomously manage projects, ensuring timely delivery and quality outcomes. Prioritize tasks and escalate issues to management when necessary.
• Develop and deliver compelling presentations to communicate findings and recommendations to clients.
• Foster and enhance strong client relationships, positioning yourself as a trusted advisor in cybersecurity.
• Support business development activities such as drafting and presenting proposals.
• Play an active role in driving internal initiatives that support the growth and development of our Asia practice.

Required qualifications:

• University degree in Information Technology, Information Systems, Computer Science, Cybersecurity, or related fields.
• Prior experience or knowledge in cybersecurity/IT topics.
• Demonstrated solid consulting skills, business acumen, and project delivery capabilities.
• Strong interpersonal skills with the ability to engage stakeholders and contribute to team success.
• Strong problem solving, communication, and analytical skills.
• Ambition to grow consulting as well as technical skills, and a strong work ethic.
• Excellent command of spoken and written English; proficiency in Mandarin and/or Cantonese is preferred.

To apply, please send us your CV and cover letter.

We offer you:

• The ability to work in a dynamic international environment and ongoing on-the-job training
• The opportunity to work on exciting projects
• Excellent opportunities for personal and professional development, with ongoing coaching
• An attractive remuneration package commensurate with the experience and performance
• Entrepreneurial opportunities by being part of a fast-growing consulting firm

Our Hong Kong office is expanding significantly, driven by market demand for consulting advice/support in Cybersecurity and CTO/CIO Advisory. This continued growth has created opportunities for Consulting Interns. This is an outstanding opportunity for talented people to have a fast-growing career and help in shaping the future of our Hong Kong office.

• Deliver projects covering a broad range of Cybersecurity and Digital Risk topics, and occasionally Digital Transformation, IT strategy, Business Transformation
• Perform research and analysis, including interviews with clients to gather input, consolidate the findings and provide recommendations to clients
• Develop and deliver presentations to communicate findings to clients
• Develop and enhance client relationships
• Support business development activities such as drafting and presenting proposals

Required qualifications:

• Third or final year student (Bachelor, Master degree or equivalent), available for at least four months full-time
• Strong problem solving, communication, and analytical skills
• Basic knowledge or understanding of IT/cybersecurity topics
• Ambition to grow consulting as well as technical skills, and a strong work ethic
• Professionalism in attitude and conduct; exhibits honesty and integrity and can build trust with internal teams and stakeholders
• Excellent command of spoken and written English

Preferred qualifications:

• Major in Information Technology, Information Systems, Computer Science, Cybersecurity
• Prior digital transformation/IT or data analysis experience
• First experience in consulting/advisory or project management
• Command of Microsoft Office
• Command of an additional language

We offer you:

• The ability to work in a dynamic international environment and ongoing on-the-job training
• The opportunity to work on exciting projects
• Excellent opportunities for personal and professional development, with ongoing coaching, training and mentorship
• Entrepreneurial opportunities by being part of a fast-growing consulting firm

Company Description

CASSolution, Corporate and Security Solution Limited, is a Hong Kong-based consultancy established in 2006. We have a proven track record across private and public sectors in Hong Kong and the Asia Pacific. We provide integrated solutions in Information Technology, Business Continuity and Disaster Recovery, Risk Management, Service Management, and Management Systems. Our services include consultancy, training, and assessment. Our aim is to provide a total solution in Information Technology and Management Services.

Role Description

This is a full-time, on-site role located in Kowloon for a Cybersecurity and Privacy Consultant. The Cybersecurity and Privacy Consultant will be responsible for advising on and implementing cybersecurity and data privacy measures, ensuring compliance with privacy regulations, creating and updating privacy policies, and consulting on privacy compliance. The role involves day-to-day tasks such as conducting assessments, developing strategies, and providing training and support to clients.

Qualifications

• Expertise in Privacy Regulations, Privacy Policies, Data Privacy, and Privacy Compliance
• Strong Cybersecurity skills and knowledge
• Excellent analytical and problem-solving skills
• Ability to work effectively on-site in Kowloon
• Bachelor's degree in Information Technology, Cybersecurity, or related field
• Professional certifications such as CISSP, CIPP, or equivalent are a plus

Job Summary and Mission

This position contributes to the success of wizlynx group by performing the following:

• Responsible for development and operational activities across the entire scope of our clients Security Governance, Risk and Compliance programs.

• The job encompasses leading and participating in the assessment of security, risks, and control effectiveness for applications, infrastructure, and technology projects. The Specialist will identify, classify, and document control issues in our clients computing environment by documenting assessment results, recommending corrective action, tracking remediation, evaluating policy and control standard exceptions, and regularly reporting to our clients IT management.

• Serve as the primary contact point for issue escalation

• Manage service support requirements and ensure that quality plan, KPIs/SLAs are met

• Draft support SOP and documentation

• Models and acts in accordance with wizlynx group guiding principles

With this position, you will also have the opportunity to get introduced to different areas of information and cyber security such as Offensive Security & Penetration Testing

Summary of Key Responsibilities

• Leads IT control assessments for our clients to ensure effective IT controls are in place to meeting operational and compliance requirements.

• Works with our clients IT, Internal Audit, Compliance and other key stakeholders to create an IT GRC strategy that complies with professional standards and addresses the IT risks inherent in our client's operations and industry.

• Develops Vendor Risk Management policies and supports client's risk profile assessment for vendor on-boarding process and conducts annual review of critical vendors.

• Performs ongoing logical access reviews and recommends updates to access control privileges to ensure proper Segregation of Duties based on user access reviews.

• Effectively reports and communicates testing results to client's IT management for corrective action, where required.

• Conducts information security awareness training.

Performs evidence collection and project management assistance of our clients annual compliance (e.g. CREST, PCI DSS) certification program.

• Track and monitor risk exceptions to ensure control deviations are identified and mitigating controls are in place.

• Assist our clients with drafting and maintaining information security policies

• Provides mentoring for other team members.

• Demonstrates excellent project management skills, inspires teamwork and responsibility with engagement team members, and uses current technology/tools to enhance the effectiveness of deliverables and services.

• Facilitates the performance and testing of our client's annual disaster recovery tests and business continuity plans.

Summary of Ideal Experience, Skills, Knowledge, and Abilities

Ideal Experience

a) Senior GRC role:

A minimum of five years of experience in information security audit or in a technology-related audit or compliance field, and strong knowledge base in operations, enterprise networking, system evaluation/architecture and consulting experience preferred.

b) Junior GRC role:

One to two years of experience in information security audit or in a technology-related audit or compliance field, and strong knowledge base in operations, enterprise networking, system evaluation/architecture and consulting experience preferred.

• Strong understanding of and ability to provide security configuration and testing of networking and operating systems including TCP/IP, WAN/LAN routing, VLAN architecture, and a wide array of large-scale environments including various major web application servers

Strong understanding of information security principles such as ISO 27001, HKMA CFI, CRAF, HK SFC, HKIA Guideline on Cybersecurity (GL20), PCI-DSS, PDPO, and other regulatory compliance

Language Skills

Fluent technical English (speech and writing)

• Ability to communicate clearly and concisely, both orally and in writing, in local language

Soft Skills

• Excellent team leadership, team oriented and team player who takes ownership

• Flexible attitude, reliable, action oriented

• Customer friendly approach and appearance

• Willingness to travel

• Innovative to push new ideas, dynamic and forward looking with clear management principle towards the team

• Able to work independently, critical thinking and be able to communicate effectively with the support team and customers

• Enjoys working in global team with different cultures

Technical Skills and Abilities

• Microsoft OS and Office knowledge

• Technical document writing

• Experience in Project Management in IT

• Knowledge in perimeter firewall infrastructure and VPN remote access

Summary of Education

• Bachelor's degree from an accredited college/university in an appropriate field

Certifications / Training

• CISM, CISA, CRISC, CISSP certified

KEY PERFORMANCE INDICATORS / MEASURES OF SUCCESS

• Achieve agreed targets/SLA/KPI in terms of quality, time and cost

• Lead team members to achieve team/organizational goals

• Improve and retain high customer satisfaction

POTENTIAL CAREER DEVELOPMENT

• Advance to higher business development tiers or geographic reach

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking

Join to apply for the Information Security Manager role at Global Payments Inc. .

Develops and leads one or more of the following highly technical and specialized areas within information security: Security Engineering, Security Architecture, Forensics Analysis, Threat Analysis, Threat Hunting and Penetration Testing. Manages the development, deployment and execution of enterprise security controls and defenses. Monitors, analyzes and exploits system vulnerabilities to detect potential threats. Executes containment, mitigation and protection processes to safeguard against real time threats while maintaining critical documentation and evidence. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.

• Tracks and supports the delivery of information security solutions. Manages the tactical activities of installing and configuring security systems, software and applications. Coordinates responses to intrusions and provide remediation guidance and support.
• Coordinates resources on highly complex development projects including approval of design specifications and scope. Provides input to short-term security technology roadmaps regarding applicability of new technologies. Disseminates updates to InfoSec Architectural policies, standards and guidelines to team members.
• Reviews forensic investigations and analysis of reported cyber incidents to evaluate root cause vectors and necessary control measures needed to prevent future occurrence. Implements appropriate countermeasures to recover deleted, hidden or lost user data.
• Coordinates research and analysis of threat actor profiles and associated indicators to detect potential threats. Implements recommended actions and security tools to identify, monitor and mitigate attacks. Coordinates with external security organizations to exchange threat intelligence.
• Coordinates complex threat assessment to evaluate incident impact and risk exposure. Reviews cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies), and draws conclusions on possible implications or applicability. Guides the threat intelligence collection process to enhance analytical capabilities.
• Manages execution of penetration testing activities on core systems. Articulates the outcome of stimulated attacks and underlying security issues or system weaknesses. Recommends and institutes remediation techniques or improvements to protect and maintain security frameworks and controls.
• Supports the evaluation and selection of security applications and systems. Manages the implementation of access control defenses. Provides quality review on the evaluation and documentation of team procedures. Manages development, deployment and support activities for multiple critical security technologies to include problem resolution and management, application maintenance, project requests and system enhancements.
• Not an exhaustive list; other duties as assigned.

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
• Typically a minimum of 6 years
• Related professional experience and prefer a minimum of 1-2 years experience in a supervisory position.
• One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT, Certified Forensic Computer Examiner (CFCE), Certified Cyber Threat Analyst (CCTA), Certified Computer Examiner (CCE)

• Prior Global Payments, payment or technology industry experience is preferred.
• Master's Degree in a related field of study from an accredited university.

None Identified

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Financial Services and IT Services and IT Consulting